wormhole-foundation_wormhole/devnet/node.yaml

---
apiVersion: v1
kind: Service
metadata:
  name: guardian
  labels:
    app: guardian
spec:
  ports:
    - port: 8996
      name: ccq-p2p
      protocol: UDP
    - port: 8999
      name: p2p
      protocol: UDP
    - port: 7070
      name: public-grpc
      protocol: TCP
    - port: 7071
      name: public-rest
      protocol: TCP
  clusterIP: None
  selector:
    app: guardian
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: guardian
spec:
  selector:
    matchLabels:
      app: guardian
  serviceName: guardian
  replicas: 5
  updateStrategy:
    # The StatefulSet rolling update strategy is rather dumb, and updates one pod after another.
    # If we want blue-green deployments, we should use a Deployment instead.
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: guardian
    spec:
      terminationGracePeriodSeconds: 0
      volumes:
        # mount shared between containers for runtime state
        - name: node-rundir
          emptyDir: {}
        - name: node-wormchain-key
          secret:
            secretName: node-wormchain-key
            optional: false
            items:
              - key: accountantKey0
                path: accountantKey0
              - key: accountantKey1
                path: accountantKey1
              - key: gwrelayerKey0
                path: gwrelayerKey0
              - key: gwrelayerKey1
                path: gwrelayerKey1
              - key: accountantNttKey0
                path: accountantNttKey0
              - key: accountantNttKey1
                path: accountantNttKey1
        - name: node-config
          configMap:
            name: node-config
      containers:
        - name: guardiand
          image: guardiand-image
          volumeMounts:
            - mountPath: /run/node
              name: node-rundir
            - mountPath: /tmp/mounted-keys/wormchain
              name: node-wormchain-key
            - mountPath: /app/node/config
              name: node-config
          command:
            - /guardiand
            - node
            - --config
            - node/config/guardiand.yaml
            # - --ethRPC
            # - ws://eth-devnet:8545
            # - --wormchainURL
            # - wormchain:9090
            # - --accountantKeyPath
            # - /tmp/mounted-keys/wormchain/accountantKey
            # - --accountantKeyPassPhrase
            # - test0000
            # - --accountantWS
            # - http://wormchain:26657
            # - --accountantContract
            # - wormhole14hj2tavq8fpesdwxxcu44rty3hh90vhujrvcmstl4zr3txmfvw9srrg465
            # - --accountantCheckEnabled=true
            # - --terraWS
            # - ws://terra-terrad:26657/websocket
            # - --terraLCD
            # - http://terra-terrad:1317
            # - --terraContract
            # - terra14hj2tavq8fpesdwxxcu44rty3hh90vhujrvcmstl4zr3txmfvw9ssrc8au
            # - --terra2WS
            # - ws://terra2-terrad:26657/websocket
            # - --terra2LCD
            # - http://terra2-terrad:1317
            # - --terra2Contract
            # - terra14hj2tavq8fpesdwxxcu44rty3hh90vhujrvcmstl4zr3txmfvw9ssrc8au
            # - --algorandAppID
            # - "1004"
            # - --algorandIndexerRPC
            # - http://algorand:8980
            # - --algorandIndexerToken
            # - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
            # - --algorandAlgodRPC
            # - http://algorand:4001
            # - --algorandAlgodToken
            # - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
            # - --nearRPC
            # - http://near:3030
            # - --nearContract
            # - wormhole.test.near
            # - --solanaContract
            # - Bridge1p5gheXUvJ6jGWGeCsgPKgnE3YgdGKRVCMY9o
            # - --solanaRPC
            # - http://solana-devnet:8899
            # - --pythnetContract
            # - Bridge1p5gheXUvJ6jGWGeCsgPKgnE3YgdGKRVCMY9o
            # - --pythnetRPC
            # - http://solana-devnet:8899
            - --unsafeDevMode
            - --guardianKey
            - /tmp/bridge.key
            - --publicRPC
            - "[::]:7070"
            - --publicWeb
            - "[::]:7071"
            - --adminSocket
            - /tmp/admin.sock
            - --publicGRPCSocket
            - /tmp/publicrpc.sock
            - --dataDir
            - /tmp/data
            - --publicRpcLogDetail
            - "full"
            # - --chainGovernorEnabled=true
            - --ccqEnabled=true
            - --ccqAllowedRequesters=beFA429d57cD18b7F8A4d91A2da9AB4AF05d0FBe,25021A4FCAf61F2EADC8202D3833Df48B2Fa0D54
            - --ccqAllowedPeers=12D3KooWSnju8zhywCYVi2JwTqky1sySPnmtYLsHHzc4WerMnDQH,12D3KooWM6WqedfR6ehtTd1y6rJu3ZUrEkTjcJJnJZYesjd89zj8
            - --transferVerifierEnabledChainIDs=2
            - --notaryEnabled=true
            - --logLevel=warn
          securityContext:
            capabilities:
              add:
                # required for syscall.Mlockall
                - IPC_LOCK
          readinessProbe:
            httpGet:
              port: 6060
              path: /readyz
          ports:
            - containerPort: 8996
              name: ccq-p2p
              protocol: UDP
            - containerPort: 8999
              name: p2p
              protocol: UDP
            - containerPort: 6060
              name: pprof
              protocol: TCP
            - containerPort: 7070
              name: public-grpc
              protocol: TCP
            - containerPort: 7071
              name: public-grpcweb
              protocol: TCP
            - containerPort: 2345
              name: debugger
              protocol: TCP
---
apiVersion: v1
kind: Secret
metadata:
  name: node-wormchain-key
type: Opaque
data:
  accountantKey0: LS0tLS1CRUdJTiBURU5ERVJNSU5UIFBSSVZBVEUgS0VZLS0tLS0Ka2RmOiBiY3J5cHQKc2FsdDogRjlGRUFBRDQ4NzJCNjQzN0JFRTI2MEU3QTUwOTFBOTEKdHlwZTogc2VjcDI1NmsxCgpxMEFsUHBqMFhxL1cvcStHUEUwRjVzOUZreVcwOHVZUFJKVFc5OENpbFNUZGhiQ3Z3T2kwWlVXb0pta2xoMm5ICnRmZEViTDF1NHEycnJjcDF5b0dLVHRNRmVOQm9aMW5IeWxlQ3lxMD0KPXk3cjAKLS0tLS1FTkQgVEVOREVSTUlOVCBQUklWQVRFIEtFWS0tLS0t
  accountantKey1: LS0tLS1CRUdJTiBURU5ERVJNSU5UIFBSSVZBVEUgS0VZLS0tLS0Ka2RmOiBiY3J5cHQKc2FsdDogNzIyNDgyNzNBRjMzMDM4NTFDNjc0MURENzQ2MjMyNDAKdHlwZTogc2VjcDI1NmsxCgpaMmZwdHRRN0lCK1Y0NjBRZ0RqMGdqZmJIYlN5a0VCTGl6ZS9NQ1g4N2dBSkdyZzBIMTZPamtybUNQNkZVeERZClpadG1GOUx5ZEE5eVg3Z2pQbzd3ZlBGOW44cTFGMXV1RUVqQ3cvcz0KPU9nOXYKLS0tLS1FTkQgVEVOREVSTUlOVCBQUklWQVRFIEtFWS0tLS0t
  gwrelayerKey0: LS0tLS1CRUdJTiBURU5ERVJNSU5UIFBSSVZBVEUgS0VZLS0tLS0KdHlwZTogc2VjcDI1NmsxCmtkZjogYmNyeXB0CnNhbHQ6IDc4OUYzRTBCMkVGNDcyNjAyQzNFMUE0OUI2OENFQzlBCgpGWHAvSllPS3E4WmZtOWxHZ3ZFNEM3NXFyUXFNZFp2RHNWRjhObTdMQU1oR2dHbXBnZnpoZjUrZ3IwZ1hjYjVWCmtSTXA2c0p0NkxCVzRPYWF2ckk3ay84Vml2NWhMVU1la1dPMHg5bz0KPUxrb1MKLS0tLS1FTkQgVEVOREVSTUlOVCBQUklWQVRFIEtFWS0tLS0t
  gwrelayerKey1: LS0tLS1CRUdJTiBURU5ERVJNSU5UIFBSSVZBVEUgS0VZLS0tLS0Ka2RmOiBiY3J5cHQKc2FsdDogNDc5RDk3RDE2OTE0QkQ4QjlFNUUwQzkzMDA0RDA4RUEKdHlwZTogc2VjcDI1NmsxCgpvTEJ0aUkwT2pudXo5bHlzeVlZOFhQeEVkTnpwYUJOVWFkL0UySlJld2pFWFZNVVNTWll2QVZKbERiN3hEQjlSCmEvdm45SFNPM2hKOFc1QTBKOVFqUVZXRzVoZXBNZVpQUEI4M1FCUT0KPVJuTGEKLS0tLS1FTkQgVEVOREVSTUlOVCBQUklWQVRFIEtFWS0tLS0t
  accountantNttKey0: LS0tLS1CRUdJTiBURU5ERVJNSU5UIFBSSVZBVEUgS0VZLS0tLS0Ka2RmOiBiY3J5cHQKc2FsdDogNzI4NTBEREJFNDQ4NzZBN0Q1Q0YxNDlBQjBGQjNBQzEKdHlwZTogc2VjcDI1NmsxCgpYN1BGMUJaZFBZMmlvRHdVRm9KcXdVdVg4YlFmcFNGckk4UklPS2g1ZUg5cCtDUzZYMm5lM2hVWGFPTDB3YXhUCnM3QVduTzErU241L1g1V0NicklqNHdDVUcwUWdNb0IyN2VFQnB2ND0KPWJiSEkKLS0tLS1FTkQgVEVOREVSTUlOVCBQUklWQVRFIEtFWS0tLS0t
  accountantNttKey1: LS0tLS1CRUdJTiBURU5ERVJNSU5UIFBSSVZBVEUgS0VZLS0tLS0Ka2RmOiBiY3J5cHQKc2FsdDogNEI2NDI1NDY0MDY0RTIzQjJENUUyNkQyNUI1QUIzQTcKdHlwZTogc2VjcDI1NmsxCgp2NDFNNGdqelc2MHVwcUhyb2l3aURYakVJMEE5WjN1R2lZcmdyNVpjUit2c3V5RFdDZWNXZUFqV2NXb2tINmRhCldKQ1cvdjNua1pqa0xhajByeEpxYTNrSThodDBtdjZ4eDB0WHhSUT0KPUpSZS8KLS0tLS1FTkQgVEVOREVSTUlOVCBQUklWQVRFIEtFWS0tLS0t
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: node-config
data:
  guardiand.yaml: |
    ethRPC: "ws://eth-devnet:8545"